package top.huntwolf.admin.controller;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import top.huntwolf.admin.common.JsonResult;
import top.huntwolf.admin.common.enums.CodeMsg;
import top.huntwolf.admin.pojo.User;
import top.huntwolf.admin.pojo.cmsUser.*;
import top.huntwolf.admin.service.CMSUserService;

import javax.servlet.http.HttpServletRequest;
import java.util.List;

/**
 * description:
 * author:zt
 * date:2021-10-23
 */
@RestController
@CrossOrigin()
@RequestMapping(value = "/cms/rbac")
@Api(description = "cms权限控制器")
public class CMSPermissionController {

    @Autowired
    private CMSUserService cmsUserService;

    @RequiresPermissions(value = "rbac:user:find")
    @GetMapping("/sub-user")
    @ApiOperation("获取小于自身角色权重的用户")
    public JsonResult<List<CMSUser>> querySubUser(){
        return JsonResult.success(cmsUserService.findSubUserAndRole());
    }

    @RequiresPermissions(value = "rbac:role:find")
    @GetMapping("/sub-role")
    @ApiOperation("获取小于自身角色权重的角色")
    public JsonResult<List<Role>> querySubRole(){
        return JsonResult.success(cmsUserService.findSubRoleList());
    }

    @RequiresPermissions(value = "rbac:permission:find")
    @GetMapping("/permission")
    @ApiOperation("获取当前用户的所有权限")
    public JsonResult<List<Permission>> queryPermissionList(){
        return JsonResult.success(cmsUserService.findPermission());
    }

    @RequiresPermissions(value = "rbac:user-role:add")
    @PostMapping("/user-role")
    @ApiOperation("为用户添加角色")
    public JsonResult addUserRoleRelation(@RequestBody List<UserRole> userRoles){
        cmsUserService.addUserAndRole(userRoles);
        return JsonResult.success(null);
    }

    @RequiresPermissions(value = "rbac:role-permission:add")
    @PostMapping("/role-permission")
    @ApiOperation("为角色添加权限")
    public JsonResult addRolePermissionRelation(@RequestBody List<RolePermission> rolePermissions){
        cmsUserService.addRoleAndPermission(rolePermissions);
        return JsonResult.success(null);
    }

    @RequiresPermissions(value = "rbac:role:add")
    @PostMapping("/role")
    @ApiOperation("添加角色")
    public JsonResult addRole(@RequestBody Role role){
        cmsUserService.addRole(role);
        return JsonResult.success(null);
    }

    @RequiresPermissions(value = "rbac:permission:add")
    @PostMapping("/permission")
    @ApiOperation("添加权限")
    public JsonResult addPermission(@RequestBody Permission permission){
        cmsUserService.addPermission(permission);
        return JsonResult.success(null);
    }

    @RequiresPermissions(value = "rbac:role-permission:add")
    @PostMapping("/role-permission/route")
    @ApiOperation("根据路由为角色添加权限")
    public JsonResult addRolePermissionByRoute(@RequestBody RoleRoute roleRoute){
        cmsUserService.addRoleAndPermissionByRoute(roleRoute);
        return JsonResult.success(null);
    }

    @RequiresPermissions(value = "rbac:user-role:remove")
    @DeleteMapping("/user-role")
    @ApiOperation("删除用户和角色关系")
    public JsonResult removeUserRoleRelation(@RequestBody List<UserRole> userRoles){
        cmsUserService.deleteUserAndRole(userRoles);
        return JsonResult.success(null);
    }

    @RequiresPermissions(value = "rbac:role-permission:remove")
    @DeleteMapping("/role-permission")
    @ApiOperation("删除角色和权限关系")
    public JsonResult removeRolePermissionRelation(@RequestBody List<RolePermission> rolePermissions){
        cmsUserService.deleteRoleAndPermission(rolePermissions);
        return JsonResult.success(null);
    }

    @RequiresPermissions(value = "rbac:role-permission:remove")
    @DeleteMapping("/role-permission/route")
    @ApiOperation("根据路由为角色删除权限")
    public JsonResult removeRolePermissionByRoute(@RequestBody RoleRoute roleRoute){
        cmsUserService.deleteRoleAndPermissionByRoute(roleRoute);
        return JsonResult.success(null);
    }



}
